Sneaky dialers can have a PC calling up porn

March 06, 2003|By MIKE HIMOWITZ

FROM TIME to time, I compare surfing the Web to swimming in a sewer. You never know what kind of little nasty is going to attach itself to you and make life miserable.

That's what happened to several readers who complained about finding $50 to $200 worth of calls to pornographic Web site numbers on their phone bills.

None had ever told their computers to dial the numbers, although they remembered occasions when porn sites appeared unbidden in their Web browser.

Unfortunately, these folks have a serious problem on their hands. They or their kids have inadvertently downloaded a program that disconnects them from their dialup Internet service provider and silently dials a porn site, either through a 900 number or by an international toll call to Chad, Vanuatu, Moldova, Madagascar or some other country with outrageous connect charges.

Sometimes the victims have trouble figuring out just who charged them -- the only listing is a third-party billing company that doesn't want to hear complaints, or a long distance carrier whose customer service department says, "Tough luck, you made the call."

Removing a porn dialer from your PC can be just as difficult as having the charges removed from your phone bill. Clicking on the program's Uninstall icon will only trigger a program that reinstalls it. Even erasing the program files won't work -- they'll show up the next time you start up your computer.

How does all this happen to people who wouldn't be caught dead accessing a porn site? At least temporarily, they're losers in an ongoing war between surfers and people who want to plant software on their computers, either to spy on them or rip them off outright.

Porn dialers became popular a couple of years ago when fraud and charge-backs were so common on adult Web sites that banks and credit card companies would no longer do business with them. So the pornmasters chose another venue -- providing customers with software that would dial up the operator's ISP and charge the customer through his phone bill.

There's nothing inherently wrong with this as long as everything is upfront -- by that I mean that the customer knows what it's going to cost him.

Unfortunately, the temptation was too great for the real sleazeballs (and there are lots of them) who immediately figured out ways to sneak these programs onto users' machines.

Their targets are people with dial-up Internet connections. If you have broadband cable or DSL service and your computer's modem isn't hooked up to a phone line, they won't affect you, other than an annoying error message popping up when the program can't find the phone line.

In some cases, the surfer downloads the program under the misconception that he's installing a "free" porn viewer. In practice, it disconnects him from his regular ISP and silently dials a 900 domestic number or an overseas number that's billed at $3 to $6 a minute.

But just as often, the download is the result of misdirection. Frequently, it's triggered by clicking a "Cancel" or "Close" button on a Window that pops up when you mistakenly type in a variant of a common Web address that's been taken over by a porn site operator.

In the worst cases, the infection is triggered merely by visiting a Web site with malicious code embedded in the page. These are known in the trade as "drive-by" downloads.

Some porn dialers place an icon on your Windows desktop. Clicking it will tell your modem to dial the porn site and start the meter. Others give you no warning at all: they dial automatically at odd hours if your computer's running. The first hint that you've been scammed is a gargantuan phone bill.

Porn dialers sink deep hooks into your PC, often burying themselves in the Windows registry, the database of arcane system information that controls almost everything your computer does. Digging them out requires editing the registry, a job that even professionals dislike because a mistake can render your computer useless.

The Federal Trade Commission has been fighting porn dial operators for years, but for each consent decree and refund the agency wins, new scammers pop up. Type "porn dialer" into a Google search bar and you'll find dozens of companies offering the service to Webmasters.

There's no easy method to rid your system of a porn dialer, but there are some ways to protect yourself. One is to install a good virus checker and a firewall such as Zone Alarm, or an all-in-one package such as the Norton Internet Security suite. Virus checkers can catch some porn dialers before they're installed, and a firewall can warn if an unauthorized program is trying to access the Internet.

Another option is a spyware detector, such as AdAware, which comes in both free and paid versions (www.lavasoftusa .com), and my new favorite, SpyBot Search and Destroy, a free utility that roots out adware, spyware, dialers and other pests. It's available at http://spybot.safer-networking.de.

Finally, pay attention when you're browsing the Web, especially when you get caught in a thicket of popup Windows. Never click inside one of these panes, because that can trigger a drive-by download. Always close a popup broswer window by clicking on the "X" in the upper right hand corner.

And be suspicious of any popup window that asks if you want to download a program. Unless you're absolutely sure it's legit, say no.

Baltimore Sun Articles
|
|
|
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.